-fix time assertion introduce in last patch

[oweals/gnunet.git] / src / util / crypto_paillier.c

diff --git a/src/util/crypto_paillier.c b/src/util/crypto_paillier.c
index 8a9e44df3b9362af1272ee4fedc18b081f90ea7b..80ad25f1ffaa2c75884d93f767ef2f786e9fcc80 100644 (file)
--- a/src/util/crypto_paillier.c
+++ b/src/util/crypto_paillier.c
@@ -92,18 +92,21 @@ GNUNET_CRYPTO_paillier_create (struct GNUNET_CRYPTO_PaillierPublicKey *public_ke
  *
  * @param public_key Public key to use.
  * @param m Plaintext to encrypt.
+ * @param desired_ops How many homomorphic ops the caller intends to use
  * @param[out] ciphertext Encrytion of @a plaintext with @a public_key.
- * @return guaranteed number of supported homomorphic operations >= 1, -1 for failure
+ * @return guaranteed number of supported homomorphic operations >= 1, 
+ *         or desired_ops, in case that is lower,
+ *         or -1 if less than one homomorphic operation is possible
  */
 int
 GNUNET_CRYPTO_paillier_encrypt (const struct GNUNET_CRYPTO_PaillierPublicKey *public_key,
                                 const gcry_mpi_t m,
+                                int desired_ops,
                                 struct GNUNET_CRYPTO_PaillierCiphertext *ciphertext)
 {
   int possible_opts;
   gcry_mpi_t n_square;
   gcry_mpi_t r;
-  gcry_mpi_t g;
   gcry_mpi_t c;
   gcry_mpi_t n;
   gcry_mpi_t tmp1;
@@ -114,21 +117,26 @@ GNUNET_CRYPTO_paillier_encrypt (const struct GNUNET_CRYPTO_PaillierPublicKey *pu
   GNUNET_assert (NULL != (tmp1 = gcry_mpi_set_ui (NULL, 1)));
   GNUNET_assert (NULL != (tmp2 = gcry_mpi_set_ui (NULL, 2)));
   gcry_mpi_mul_2exp (tmp1, tmp1, GNUNET_CRYPTO_PAILLIER_BITS);
-
+  
+  // count number of possible operations
+  // this would be nicer with gcry_mpi_get_nbits, however it does not return 
+  // the BITLENGTH of the given MPI's value, but the bits required
+  // to represent the number as MPI.
   for (possible_opts = -2; gcry_mpi_cmp (tmp1, m) > 0; possible_opts++) {
     gcry_mpi_div (tmp1, NULL, tmp1, tmp2, 0);
   }
   gcry_mpi_release (tmp1);
   gcry_mpi_release (tmp2);
+  
   if (possible_opts < 1)
-    return -1;
-  else
-    // reduce by one to guarantee the final homomorphic operation
-    ciphertext->remaining_ops = htonl (possible_opts);
+    possible_opts = 0;
+  //soft-cap by caller
+  possible_opts = (desired_ops < possible_opts)? desired_ops : possible_opts;
+  
+  ciphertext->remaining_ops = htonl (possible_opts);
 
   GNUNET_assert (0 != (n_square = gcry_mpi_new (0)));
   GNUNET_assert (0 != (r = gcry_mpi_new (0)));
-  GNUNET_assert (0 != (g = gcry_mpi_new (0)));
   GNUNET_assert (0 != (c = gcry_mpi_new (0)));
 
   GNUNET_CRYPTO_mpi_scan_unsigned (&n, public_key, sizeof (struct GNUNET_CRYPTO_PaillierPublicKey));
@@ -154,6 +162,7 @@ GNUNET_CRYPTO_paillier_encrypt (const struct GNUNET_CRYPTO_PaillierPublicKey *pu
                                     c);
 
   gcry_mpi_release (n_square);
+  gcry_mpi_release (n);
   gcry_mpi_release (r);
   gcry_mpi_release (c);
 
@@ -186,7 +195,7 @@ GNUNET_CRYPTO_paillier_decrypt (const struct GNUNET_CRYPTO_PaillierPrivateKey *p
   GNUNET_CRYPTO_mpi_scan_unsigned (&lambda, private_key->lambda, sizeof private_key->lambda);
   GNUNET_CRYPTO_mpi_scan_unsigned (&mu, private_key->mu, sizeof private_key->mu);
   GNUNET_CRYPTO_mpi_scan_unsigned (&n, public_key, sizeof *public_key);
-  GNUNET_CRYPTO_mpi_scan_unsigned (&c, ciphertext, sizeof *ciphertext);
+  GNUNET_CRYPTO_mpi_scan_unsigned (&c, ciphertext->bits, sizeof ciphertext->bits);
 
   gcry_mpi_mul (n_square, n, n);
   // m = c^lambda mod n^2